Zyxel SSL VPN with linux ?

wiltur@jlai.lu to Linux@lemmy.ml – 12 points –

Hello,

My employer had the good idea of setting up shared directories at the company's head office, on a NAS (Zyxel brand, apparently).

I have all the credentials for connecting to the VPN (SSL_VPN), then those for mounting the shared directory.

My problem is that I don't use Windows on my post (well, I do, but in dual boot), but I'd like to be able to do everything from Mint, without having to go through Windows.

I've tried installing the network-manager-fortisslvpn package, but it doesn't work. All I have is a login and password, and the server address is IP:4443.

No certificate has been provided, under windows (installing SSL_VPN_Client_4.0.4.0) on connection there's an error message and you realize that on the server side it's a self-signed certificate.... (LOL?)

Any idea how I can connect? No leads on the Zyxel forum, there's no linux support anyway.

Any ideas?

8

https://docs.fortinet.com/document/forticlient/7.2.1/linux-release-notes/213138

I looked through the documentation on Fortigates website and it does look like it's different steps for installation based on which Ubuntu version you have. Also something different for Debian. Not sure which Linux mint you have or even if it's LMDE but I'd run through this doc page and see if anything works out for you.

Also obligatory nobody asked but zyxel has had a lot of severe security issues lately. Actually so has Fortinet so stay vigilant.

Thx, I've tried FortiClient but, same result, I can't connect :/

Is it not open vpn with a custom skin? Haven't heard of Zyxel yet, but most corporate VPNs that I see these days are just open vpn with a skin on them.

I know this is not exactly what you're looking for, but I found for a Fortinet ssl vpn connection.

https://askubuntu.com/a/1338207

It might work for you? Doesn't hurt to try...

EDIT: Another thing you can try is the official OpenVPN client for linux...

https://openvpn.net/community-resources/how-to/

The problem is that I don't have a trusted certificate. So I can't use the first solution (which I've already tried, by the way).

For the second solution, which I've also tried, I still have the problem of entering a certificate that I don't have. I've tried retrieving the self-signed certificate with Firefox, but the connection ends with a timeout...

Anyway, thanks for trying to help.

Does curl support certificate downloads?

Edit: try openssl if you have access to it...

https://superuser.com/a/176721

I got the certificat using firefox (export certificat), but it doesn't works. Always a timeout :/

Rats.. Sorry mate.

We'll have to wait for someone smarter than me to come and solve this.